In today post I would like to talk about Azure Virtual Network and when we should use them.
Before starting, let’s see what a virtual network is. Virtual Networks give us the possibility to create a private network in Azure, where we can manage our own devices and machines. This network will has his own IP, DNS and custom configuration. This kind of private networks can add an additionally later of security in our solution because only resources from the same Virtual Network can see each other. Base on this we could say that we are creating own isolated islands, with their own topology (or course if needed, we add also on-premises resources – creating a hybrid network).
It is important to remember that in a Virtual Network we can have any kind or resources from PaaS to IaaS. For example we can have VMs combined with some worker roles and Azure SQL Services. All in the same Virtual Network.
In this moment we made an overview idea about what is a Virtual Network. Next I would like to look together with you over some use cases when this time or network can be useful or not.
Hybrid Solutions (Yes)
This scenario is the most classic one for Virtual Networks. In this cases it is a have to use this kind of network to connect your Azure resources (VMs for example) to your on-premises network. This is the only way if you want resources from on-premises and Azure to be in the same network.
Direct communication between Azure resources (Yes)
There are scenarios when you want a direct communication between Azure resources. In the case when you need Azure resources to be in the same network, isolated from the rest of Azure resources, Virtual Network can be used with success. In this way you will be able to establish a direct connection with resources that are in the same Virtual Network.
Customer Customers Devices (No)
These specific scenario should not use Virtual Networks because of security issues that can appear. Imagine that you develop a Smart Home Automation platform that can be used by clients to make their houses extremely smart. You would have a lot of on-premises devices that needs to communicate in a safe and reliable way with your backend.
One idea is to add all on-premises resources from all your clients under the same Virtual Network. This could be a good idea at first, but if you think again and review this solution you could realize that is not the best approach. In this use case, all your clients devices will be in the same network, this mean that they will be able to reach (over TCP/IP packages), devices that are own by other clients. This could be a big security hale – you don’t want to end up that someone else to control your house.
Secure communication (Yes)
Imagine that you have VMs on Azure that needs to communicate only between them. You don’t want to allow other resources to reach them. In this case a virtual network can be used with success isolate and control what data can go in/our from this network.
Conclusion
Virtual Networks can be used with success when we want to add enable direct communication between different devices that are on Azure or Azure and on-premises. This feature should be used with attention, especially when we are dealing with resources of different client. We need to make sure that it is allowed that different customer resources to be in the same network.
Before starting, let’s see what a virtual network is. Virtual Networks give us the possibility to create a private network in Azure, where we can manage our own devices and machines. This network will has his own IP, DNS and custom configuration. This kind of private networks can add an additionally later of security in our solution because only resources from the same Virtual Network can see each other. Base on this we could say that we are creating own isolated islands, with their own topology (or course if needed, we add also on-premises resources – creating a hybrid network).
It is important to remember that in a Virtual Network we can have any kind or resources from PaaS to IaaS. For example we can have VMs combined with some worker roles and Azure SQL Services. All in the same Virtual Network.
In this moment we made an overview idea about what is a Virtual Network. Next I would like to look together with you over some use cases when this time or network can be useful or not.
Hybrid Solutions (Yes)
This scenario is the most classic one for Virtual Networks. In this cases it is a have to use this kind of network to connect your Azure resources (VMs for example) to your on-premises network. This is the only way if you want resources from on-premises and Azure to be in the same network.
Direct communication between Azure resources (Yes)
There are scenarios when you want a direct communication between Azure resources. In the case when you need Azure resources to be in the same network, isolated from the rest of Azure resources, Virtual Network can be used with success. In this way you will be able to establish a direct connection with resources that are in the same Virtual Network.
Customer Customers Devices (No)
These specific scenario should not use Virtual Networks because of security issues that can appear. Imagine that you develop a Smart Home Automation platform that can be used by clients to make their houses extremely smart. You would have a lot of on-premises devices that needs to communicate in a safe and reliable way with your backend.
One idea is to add all on-premises resources from all your clients under the same Virtual Network. This could be a good idea at first, but if you think again and review this solution you could realize that is not the best approach. In this use case, all your clients devices will be in the same network, this mean that they will be able to reach (over TCP/IP packages), devices that are own by other clients. This could be a big security hale – you don’t want to end up that someone else to control your house.
Secure communication (Yes)
Imagine that you have VMs on Azure that needs to communicate only between them. You don’t want to allow other resources to reach them. In this case a virtual network can be used with success isolate and control what data can go in/our from this network.
Conclusion
Virtual Networks can be used with success when we want to add enable direct communication between different devices that are on Azure or Azure and on-premises. This feature should be used with attention, especially when we are dealing with resources of different client. We need to make sure that it is allowed that different customer resources to be in the same network.
Comments
Post a Comment